<html>
<head>
    <meta charset="UTF-8">
    <title>处理密码修改页面</title>
</head>
<body>

    <?php 
    //
    // require_once("../system/loginCheck.php");
    session_start();
    require_once("../system/dbConn.php");
    connect();
    $old=$_POST["old"];
    $new1=$_POST["new1"];
    $new2=$_POST["new2"];

//取数据中原密码
    $adminname=$_SESSION["adminname"];
    $sql="select password from admins where adminname='$adminname'";
    
    $result=mysql_query($sql);//结果集
    $row=mysql_fetch_assoc($result);

    if (strcmp(md5($old), $row["password"])!=0) {//从数据库取得的密码和表单输入的密码
        header("location:changePassword.php?msg1=原密码输入不正确！");
    }
    elseif (strcmp($new1, $new2)!=0) {
        header("location:changePassword.php?msg2=新密码和确认新密码输入不正确！");
    }
    else{
        //去数据库表修改密码
        $sql1="update admins set password=md5('$new1') where adminname='$adminname'";
        $result1=mysql_query($sql1);
        if ($result1==1) {
            echo "密码修改成功,3秒后跳转";
            header("refresh:3;url='welcome.php'");
        }
        else{
            echo "密码修改失败";
        }
    }
     ?>
</body>
<html>
